Intel has addressed a potential privilege escalation vulnerability in its CPUs through the release of a comprehensive update. The identified flaw, partly uncovered by Google researchers, poses particular concerns for cloud service providers.
The vulnerability is associated with the Fast Short Repeat Move (FSRM) feature, which has been built into Intel CPUs since 2019 and speeds up code that works on shorter strings. The bug lies in the handling of certain instructions that carry conflicting or illogical REX prefixes, which can lead to system crashes. Processors normally ignore such incorrect prefixes, but with FSRM, for unspecified reasons, they are not ignored.
Intel characterizes the issue as resulting in “unexpected behaviour,” leading to crashes in “limited situations,” and raising the possibility of privilege escalation. To rectify this, the company has promptly released a microcode update and has assigned the bug, CVE-2023-23583, a severity rating of 8.8. Notably, the bug impacts specific desktop processors from the 11th generation (Rocket Lake) and certain server processors and mobile CPUs released since 2019.
Google researchers, who also investigated the issue, highlight the potential for “serious security issues,” especially for cloud providers. However, because little is publicly known about exactly how FSRM works, the exact workings of the bug remain uncertain. The researchers acknowledge the potential for privilege escalation but cannot conclusively confirm it. Importantly, there is no evidence so far that the vulnerability has been actively exploited.
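Because the fix ships as a microcode update, a fleet check comes down to two questions per host: does the CPU advertise FSRM, and which microcode revision is loaded on every core. The sketch below is an added example, not code from Intel or Google; it parses Linux `/proc/cpuinfo` text, and the sample data, the revision numbers and the `min_fixed_revision` parameter are constructed placeholders to be replaced with the value from Intel's advisory for the specific CPU model.

```python
# Added example (not from the article): summarise FSRM exposure from Linux
# /proc/cpuinfo text. Revision numbers below are constructed, not Intel's.
from collections import Counter

# Constructed sample: two logical CPUs running different microcode revisions.
SAMPLE = (
    "processor\t: 0\nmicrocode\t: 0x50\nflags\t\t: fpu sse2 erms fsrm\n\n"
    "processor\t: 1\nmicrocode\t: 0x4e\nflags\t\t: fpu sse2 erms fsrm\n"
)


def parse_cpuinfo(text):
    """Split /proc/cpuinfo text into one dict of fields per logical CPU."""
    cpus = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if fields:
            cpus.append(fields)
    return cpus


def assess(text, min_fixed_revision=None):
    """Report FSRM presence, microcode revisions seen, and a triage status.

    min_fixed_revision is a placeholder: take it from the vendor advisory for
    this exact CPU model (revisions are not comparable across models).
    """
    cpus = parse_cpuinfo(text)
    has_fsrm = any("fsrm" in c.get("flags", "").split() for c in cpus)
    revisions = Counter(int(c["microcode"], 16) for c in cpus if "microcode" in c)
    if not has_fsrm:
        status = "fsrm-not-advertised"
    elif not revisions:
        status = "unknown-revision"
    elif len(revisions) > 1:
        status = "mixed-revisions"  # cores disagree: update not applied everywhere
    elif min_fixed_revision is None:
        status = "needs-advisory-lookup"
    elif min(revisions) >= min_fixed_revision:
        status = "at-or-above-fixed"
    else:
        status = "below-fixed"
    return {"fsrm": has_fsrm, "revisions": sorted(revisions), "status": status}


if __name__ == "__main__":
    print(assess(SAMPLE))
```

Inside a virtual machine the `microcode` field shows what the hypervisor reports, so the check is meaningful on the host rather than in a guest.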